
Rustybarkeeper is here, is it crazy yet?



#1 Rustybarkeeper


Posted 12 December 2016 - 09:11 PM

Not too sure who/where to trust these days. I feel like a walking target in a computer repair shop.

Using a Gateway NV59c and trying to hang in there.

I'll be over in the malware forums combing for info on what Heuristic Analysis is .....

Keep smiling!

Rusty



#2 quietman7


Posted 13 December 2016 - 09:54 PM

Welcome to Bleeping Computer.

Heuristic analysis is the ability of an anti-virus program to detect possible new variants of malware before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware, which allows the anti-virus to detect and stop it before doing any harm. A heuristic scanner does not compare code to a signature file like a virus scanner but uses a grading system to determine the probability that the program code being analyzed is a virus. Most heuristic scanners perform a statistical analysis in order to determine the likelihood that a file contains program code that may indicate it is malicious.

Static heuristic analysis usually begins by scanning code for suspicious attributes characteristic of a malicious program. Dynamic heuristic analysis involves copying part of a program's code into the anti-virus's virtual emulation buffer and uses special techniques to reproduce its action (execution). If any suspicious activity is detected during this phase, the program is considered malicious and its execution is blocked.

The disadvantage to using heuristics is that it is not as reliable as signature-based detection (blacklisting) and can potentially increase the chances that a non-malicious program is flagged as malicious. With heuristics, there is always a potential risk for a "false positive" when the heuristic analysis flags a file as suspicious or infected that contains no malware. Packed files use a specially compressed (protected) file that may have been obfuscated or encrypted in order to conceal itself and often trigger alerts by anti-virus software using heuristic detection because they are resistant to scanning (difficult to read). Sometimes lowering the program's heuristic settings and rescanning may provide more accurate results but then that increases the possibility for new malware to infect your system.

With that said...as a new member be sure to read the Welcome to Bleeping Computer! Guide and the following...

Best regards,
The BC Staff
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

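A toy version of the grading system, the packed-file false positive and the sensitivity trade-off described in the reply above, added here as an illustration; it is not part of the original posts or any anti-virus product's code. The indicator strings, weights, thresholds and sample byte strings are all constructed assumptions.

```python
import hashlib
import math

# Hypothetical indicator strings and weights, chosen only for illustration.
INDICATORS = {b"CreateRemoteThread": 30, b"WriteProcessMemory": 30}
HIGH_ENTROPY = 7.2      # bits per byte; packed or encrypted data approaches 8.0
ENTROPY_POINTS = 40

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts if c)

def grade(data: bytes) -> tuple[int, list[str]]:
    """Static heuristic: add points per suspicious attribute, with reasons."""
    score, reasons = 0, []
    for needle, points in INDICATORS.items():
        if needle in data:
            score += points
            reasons.append(f"references {needle.decode()} (+{points})")
    entropy = shannon_entropy(data)
    if entropy >= HIGH_ENTROPY:
        score += ENTROPY_POINTS
        reasons.append(f"entropy {entropy:.2f}, looks packed (+{ENTROPY_POINTS})")
    return score, reasons

def verdict(data: bytes, threshold: int) -> str:
    return "suspicious" if grade(data)[0] >= threshold else "clean"

# Constructed samples (not real files).
PLAIN = b"Prints a monthly report to the console.\n" * 100
# Deterministic random-looking bytes standing in for a packed, benign installer.
PACKED_BENIGN = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
# Unpacked program whose import names match the process-injection indicators.
INJECTOR_LIKE = b"\x00" * 2000 + b"WriteProcessMemory\x00CreateRemoteThread\x00"

if __name__ == "__main__":
    for threshold in (40, 70):   # 40 = high sensitivity, 70 = lowered setting
        for name, sample in [("plain", PLAIN), ("packed_benign", PACKED_BENIGN),
                             ("injector_like", INJECTOR_LIKE)]:
            print(threshold, name, verdict(sample, threshold), grade(sample)[1])
```

At threshold 40 the packed benign sample is flagged (a false positive); at 70 it passes, but so does the injector-like sample that scores 60.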



